Intel Spectre CPU Fix Repaired by New Microsoft Patch

Two CPU-based vulnerabilities, Meltdown and Spectre, were recently identified, and Intel, Microsoft and others scrambled to create fixes and workarounds.

This repair work is ongoing. Unfortunately, a recent firmware fix from Intel created system problems, such as frequent reboots and instability. Microsoft just rushed out a patch to iron out the issues. Like all patches, the fix is no good unless it is properly installed and deployed on all relevant endpoints.

Intel learned of its firmware fix problems last month, and advised customers to stop installing the patch. Microsoft then released its out-of-band fix that simply disables the Intel patch.

“Intel has reported issues with recently released microcode meant to address Spectre variant 2 (CVE 2017-5715 Branch Target Injection) — specifically Intel noted that this microcode can cause ‘higher than expected reboots and other unpredictable system behavior’ and then noted that situations like this may result in ‘data loss or corruption.’ Our own experience is that system instability can in some circumstances cause data loss or corruption,” Microsoft wrote in a support advisory. “While Intel tests, updates and deploys new microcode, we are making available an out-of-band update today, KB4078130, that specifically disables only the mitigation against CVE-2017-5715. In our testing this update has been found to prevent the behavior described.”

The good news is that Microsoft reported “as of January 25, there are no known reports to indicate that this Spectre variant 2 has been used to attack customers.”

The CPU Exploit Background

With both Meltdown and Spectre, hackers can exploit vulnerabilities found in popular processors. The risk is that hackers can take advantage of these hardware issues to devise attacks that steal data from and across applications. This could be passwords, private documents, contacts, or even financial information. With both exploits, hackers can potentially compromise browsers using JavaScript. Fortunately, Mozilla and Google have blocked this path on Firefox and Chrome, as has Microsoft.

Spectre is the less worrisome of the two vulnerabilities, and is less developed as an actual exploit. The good news for both exploits is they can only effectively snoop on or steal snippets of data and would take a great deal of effort to fully compromise a system.

Kaseya Automation Exchange to the Rescue

At Kaseya, we take security seriously, especially as our MSP customers often support hundreds of clients or more. Our experts stay close to the action, such as Meltdown and Spectre, through our security response team. We also stay close to customers who share fixes through the Kaseya Automation Exchange, which was built to help users of VSA by Kaseya benefit from all the other Kaseya VSA customers who have built security fixes and custom automation.

Patching is Key

The surefire way to be protected is to keep your machines up to date. As such, leveraging Kaseya Patch Management and Kaseya Software Management will keep your systems up to date and safe from these CPU exploits. The integration between patch management and Kaseya VSA means that you have already automatically discovered your endpoints, have details on their status, and can fully automate the patching process.

Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.